This is part of the query

<panel id="cantidad">
<single>
<title>Cantidad Alertas Gatilladas Durante el día</title>
<search>
<query>index=_audit earliest=@d|search ss_name="DKT - Alerta de brecha critica - Gran cantidad de brechas Usuario"
OR ss_name="DKT - Alerta de brecha critica - SSH hacia destino externo extraño"
OR ss_name="Endpoint - Servidores Windows Vulnerables a EternalBlue (OpenVas) - Rule"
OR ss_name="Endpoint - Servidores Windows Vulnerables a EternalBlue (Tenable) - Rule"
OR ss_name="Endpoint - Tareas programadas mal configuradas - Rule"
|table _time ss_name</query>
<earliest>@d</earliest>
<latest>now</latest>
</search>
<option name="colorMode">block</option>
<option name="drilldown">none</option>
<option name="rangeColors">["0x53a051","0xf8be34","0xdc4e41"]</option>
<option name="rangeValues">[10,19]</option>
<option name="refresh.display">progressbar</option>
<option name="useColors">1</option>
</single>